Duration: 60 minutes
Total points: 100

Section D — Educational extension (2 × 6 = 12 points)

11. (6 pts) Explain how USB device spoofing (changing reported VID/PID) can be used legitimately and maliciously. Provide two practical tips for defenders to detect spoofed devices on a network or host.

12. (6 pts) For an embedded developer building a USB product derived from a mass-storage controller that shows VID 0951 PID 1666 by default, explain how to ensure unique identification for production units (bootloader/fuse approach, serial numbers, and recommended USB descriptor fields to set). Provide one concise sample of a device descriptor fragment illustrating vendor, product, and serial string values (present as plain text, not binary).

Instructions: Answer all questions. Show calculations or commands where requested. Practical tasks may require running commands or inspecting sample outputs; if you cannot execute them, explain expected results and how you would validate them.